CVEs from 2025
Total
8,818
critical
critical 1,314
high
high 1,959
medium
medium 1,968
low
low 200
% Critical
14.9%
% with KEV
2.1%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6816 | low | 3.3 | 3.3 | 11mo ago | A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5O__fsinfo_encode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffe… | |||
| CVE-2025-6750 | low | 3.3 | 3.3 | 11mo ago | A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to… | |||
| CVE-2025-6536 | low | 3.3 | 3.3 | 1y ago | A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tm_to_datetime in the library src/lib/core/datetime.c. The manipu… | |||
| CVE-2025-6497 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reacha… | |||
| CVE-2025-6496 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads t… | |||
| CVE-2025-6494 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-… | |||
| CVE-2025-6490 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-par… | |||
| CVE-2025-6275 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-inte… | |||
| CVE-2025-6274 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. The manipulatio… | |||
| CVE-2025-6273 | low | 3.3 | 3.3 | 1y ago | A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to… | |||
| CVE-2025-6272 | low | 3.3 | 3.3 | 1y ago | A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-o… | |||
| CVE-2025-6271 | low | 3.3 | 3.3 | 1y ago | A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the component wav2swf. The manipulation… | |||
| CVE-2025-6141 | low | 3.3 | 3.3 | 1y ago | A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipu… | |||
| CVE-2025-6140 | low | 3.3 | 3.3 | 1y ago | A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scoped_padder in the library include/spdlog/pattern_formatter-inl.h. The manipulation… | |||
| CVE-2025-3549 | low | 3.3 | 3.3 | 1y ago | A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/Ass… | |||
| CVE-2025-3548 | low | 3.3 | 3.3 | 1y ago | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h … | |||
| CVE-2025-2923 | low | 3.3 | 3.3 | 1y ago | A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the… | |||
| CVE-2025-2914 | low | 3.3 | 3.3 | 1y ago | A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect… | |||
| CVE-2025-46394 | low | 3.2 | 3.2 | 1y ago | In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. | |||
| CVE-2025-8277 | low | 3.1 | 3.1 | 16d ago | Moderate: libssh security update | |||
| CVE-2025-15454 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was detected in zhanglun lettura up to 0.1.22. This issue affects some unknown processing of the file src/components/ArticleView/ContentRender.tsx of the component RSS Handler. The ma… | |||
| CVE-2025-15242 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing a manipulation results in race condition. The attack can be … | |||
| CVE-2025-15141 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of the file /actuator of the component Configuration Handler. Executing a manipulation can lead to inf… | |||
| CVE-2025-15125 | low | 3.1 | 3.1 | 5mo ago | A security flaw has been discovered in JeecgBoot up to 3.9.0. Affected is the function queryDepartPermission of the file /sys/permission/queryDepartPermission. The manipulation of the argument depart… | |||
| CVE-2025-15124 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was identified in JeecgBoot up to 3.9.0. This impacts the function getParameterMap of the file /sys/sysDepartPermission/list. The manipulation of the argument departId leads to improp… | |||
| CVE-2025-15123 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was determined in JeecgBoot up to 3.9.0. This affects an unknown function of the file /sys/sysDepartPermission/datarule/. Executing manipulation can lead to improper authorization. It… | |||
| CVE-2025-15122 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was found in JeecgBoot up to 3.9.0. The impacted element is the function loadDatarule of the file /sys/sysDepartRole/datarule/. Performing manipulation of the argument departId/roleId… | |||
| CVE-2025-15120 | low | 3.1 | 3.1 | 5mo ago | A flaw has been found in JeecgBoot up to 3.9.0. Impacted is the function getDeptRoleList of the file /sys/sysDepartRole/getDeptRoleList. This manipulation of the argument departId causes improper aut… | |||
| CVE-2025-15119 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper a… | |||
| CVE-2025-15084 | low | 3.1 | 3.1 | 5mo ago | A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the function orderService.payOrder of the file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/contro… | |||
| CVE-2025-12623 | low | 3.1 | 3.1 | 7mo ago | A vulnerability was identified in fushengqian fuint up to 41e26be8a2c609413a0feaa69bdad33a71ae8032. Affected by this issue is some unknown functionality of the file fuint-application/src/main/java/co… | |||
| CVE-2025-11731 | low | 3.1 | 3.1 | 8mo ago | A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML d… | |||
| CVE-2025-10320 | low | 3.1 | 3.1 | 9mo ago | A vulnerability was detected in iteachyou Dreamer CMS up to 4.1.3.2. This issue affects some unknown processing of the file /admin/user/updatePwd. Performing manipulation results in weak password req… | |||
| CVE-2025-10287 | low | 3.1 | 3.1 | 9mo ago | A vulnerability has been found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40. The affected element is an unknown function of the file /auth/orderQuery. Such manipulation of the … | |||
| CVE-2025-10252 | low | 3.1 | 3.1 | 9mo ago | A flaw has been found in SEAT Queue Ticket Kiosk up to 20250827. This affects an unknown part of the component Java RMI Registry Handler. This manipulation causes deserialization. The attack can only… | |||
| CVE-2025-10080 | low | 3.1 | 3.1 | 9mo ago | A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil… | |||
| CVE-2025-10014 | low | 3.1 | 3.1 | 9mo ago | A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the … | |||
| CVE-2025-7882 | low | 3.1 | 3.1 | 11mo ago | A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been rated as problematic. This issue affects some unknown processing of the component Login. The manipulation leads… | |||
| CVE-2025-6527 | low | 3.1 | 3.1 | 1y ago | A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611. Affected is an unknown function of the component Web Server. The manipulation leads to improper access co… | |||
| CVE-2025-6524 | low | 3.1 | 3.1 | 1y ago | A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. A… | |||
| CVE-2025-6107 | low | 3.1 | 3.1 | 1y ago | A vulnerability was found in comfyanonymous comfyui 0.3.40. It has been classified as problematic. Affected is the function set_attr of the file /comfy/utils.py. The manipulation leads to dynamically… | |||
| CVE-2025-5889 | low | 3.1 | 3.1 | 1y ago | A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The man… | |||
| CVE-2025-46653 | low | 3.1 | 3.1 | 1y ago | Formidable (aka node-formidable) 2.1.0 through 3.x before 3.5.3 relies on hexoid to prevent guessing of filenames for untrusted executable content; however, hexoid is documented as not "cryptographic… | |||
| CVE-2025-62312 | low | 3.0 | 3.0 | 21d ago | HCL AION is affected by a vulnerability where basic authorization tokens are used for authentication. Use of basic authorization mechanisms may expose credentials to potential interception or misuse,… | |||
| CVE-2025-66382 | low | 2.9 | 2.9 | 6mo ago | In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time. | |||
| CVE-2025-62345 | low | 2.7 | 2.7 | 29d ago | HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the … | |||
| CVE-2025-14836 | low | 2.7 | 2.7 | 6mo ago | A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Storage Module. This manipulation causes clea… | |||
| CVE-2025-64254 | low | 2.7 | 2.7 | 6mo ago | Missing Authorization vulnerability in Ronald Huereca Photo Block photo-block allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Block: from n/a through … | |||
| CVE-2025-8519 | low | 2.7 | 2.7 | 10mo ago | A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This affects an unknown part of the file /vadmin123/index.php?module=editor/editor of the component Drag-and-Drop… | |||
| CVE-2025-7881 | low | 2.7 | 2.7 | 11mo ago | A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59423n. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulati… | |||
| CVE-2025-7061 | low | 2.7 | 2.7 | 11mo ago | A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv… | |||
| CVE-2025-32205 | low | 2.7 | 2.7 | 1y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in piotnetdotcom Piotnet Forms piotnetforms.This issue affects Piotnet Forms: from n/a through <= 1.0.30. | |||
| CVE-2025-62317 | low | 2.6 | 2.6 | 21d ago | HCL AION is affected by a vulnerability where sensitive information may be included in URL parameters. Passing sensitive data in URLs may expose it through browser history, logs, or intermediary syst… | |||
| CVE-2025-62309 | low | 2.6 | 2.6 | 21d ago | HCL AION is affected by a vulnerability where auto-complete functionality is enabled for certain input fields. This may allow sensitive information to be stored in the browser, potentially leading to… | |||
| CVE-2025-10216 | low | 2.6 | 2.6 | 9mo ago | A vulnerability was detected in GrandNode up to 2.3.0. The impacted element is an unknown function of the file /checkout/ConfirmOrder/ of the component Voucher Handler. The manipulation of the argume… | |||
| CVE-2025-0620 | low | — | 2.5 | — | A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect … | |||
| CVE-2025-48708 | low | — | 2.5 | — | gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password in cleartext. | |||
| CVE-2025-4575 | low | — | 2.5 | — | Issue summary: Use of -addreject option with the openssl x509 application adds a trusted use instead of a rejected use for a certificate. Impact summary: If a user intends to make a trusted certific… | |||
| CVE-2025-11143 | low | — | 2.5 | 3mo ago | org.eclipse.jetty:jetty-http has different parsing of invalid URIs | |||
| CVE-2025-22873 | low | — | 2.5 | 4mo ago | It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape o… | |||
| CVE-2025-65111 | low | — | 2.5 | 7mo ago | SpiceDB: LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results | |||
| CVE-2025-64529 | low | — | 2.5 | 7mo ago | SpiceDB WriteRelationships fails silently if payload is too big | |||
| CVE-2025-64481 | low | — | 2.5 | 7mo ago | Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and below and 1.0a0 through 1.0a19, deployed instances of Datasette include an open redirect vulnerability… | |||
| CVE-2025-9589 | low | 2.5 | 2.5 | 9mo ago | A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack … | |||
| CVE-2025-9383 | low | 2.5 | 2.5 | 9mo ago | A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The … | |||
| CVE-2025-9165 | low | 2.5 | 2.5 | 10mo ago | A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipul… | |||
| CVE-2025-8534 | low | 2.5 | 2.5 | 10mo ago | A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads … | |||
| CVE-2025-4563 | low | — | 2.5 | 1y ago | A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled,… | |||
| CVE-2025-6170 | low | 2.5 | 2.5 | 1y ago | A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, … | |||
| CVE-2025-48432 | low | — | 2.5 | 1y ago | An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially… | |||
| CVE-2025-48370 | low | — | 2.5 | 1y ago | auth-js Vulnerable to Insecure Path Routing from Malformed User Input | |||
| CVE-2025-1376 | low | 2.5 | 2.5 | 1y ago | A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipu… | |||
| CVE-2025-68711 | low | 2.4 | 2.4 | 8d ago | AppLockZ App Lock and Fingerprint Lock (applock.passwordfingerprint.applockz) 4.2.11 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an ove… | |||
| CVE-2025-68708 | low | 2.4 | 2.4 | 8d ago | SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's … | |||
| CVE-2025-68710 | low | 2.4 | 2.4 | 8d ago | Easyelife App lock (aka Fingerprint,Applock or locker.app.safe.applocker) 1.9.2 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay … | |||
| CVE-2025-15505 | low | 2.4 | 2.4 | 5mo ago | A vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function of the component Web Administration Interface. The manipulation of the argument Guest Network/Wirel… | |||
| CVE-2025-15149 | low | 2.4 | 2.4 | 5mo ago | A vulnerability has been found in rawchen ecms up to b59d7feaa9094234e8aa6c8c6b290621ca575ded. Affected by this vulnerability is the function updateProductServlet of the file src/servlet/product/upda… | |||
| CVE-2025-14722 | low | 2.4 | 2.4 | 6mo ago | A vulnerability was determined in vion707 DMadmin up to 3403cafdb42537a648c30bf8cbc8148ec60437d1. This impacts the function Add of the file Admin/Controller/AddonsController.class.php of the componen… | |||
| CVE-2025-13795 | low | 2.4 | 2.4 | 6mo ago | A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the compone… | |||
| CVE-2025-11645 | low | 2.4 | 2.4 | 8mo ago | A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android. This affects an unknown part of the component Authentication Token Handler. The manipulation leads to … | |||
| CVE-2025-11333 | low | 2.4 | 2.4 | 8mo ago | A vulnerability was identified in langleyfcu Online Banking System up to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. This impacts an unknown function of the file /customer_add_action.php of the compone… | |||
| CVE-2025-11283 | low | 2.4 | 2.4 | 8mo ago | A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument Description can lead to cross site script… | |||
| CVE-2025-11134 | low | 2.4 | 2.4 | 8mo ago | A security vulnerability has been detected in Cudy TR1200 1.16.3-20230804-164635. Impacted is an unknown function of the file /cgi-bin/luci/admin/network/wireless/config/ of the component Wireless Se… | |||
| CVE-2025-10949 | low | 2.4 | 2.4 | 8mo ago | A vulnerability was found in Changsha Developer Technology iView Editor up to 1.1.1. This impacts an unknown function of the component Markdown Handler. The manipulation results in cross site scripti… | |||
| CVE-2025-10909 | low | 2.4 | 2.4 | 8mo ago | Mangati NovoSGA XSS vulnerability in /admin | |||
| CVE-2025-10434 | low | 2.4 | 2.4 | 9mo ago | A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title … | |||
| CVE-2025-9797 | low | 2.4 | 2.4 | 9mo ago | A vulnerability was determined in mrvautin expressCart up to b31302f4e99c3293bd742c6d076a721e168118b0. This impacts an unknown function of the file /admin/product/edit/ of the component Edit Product … | |||
| CVE-2025-9591 | low | 2.4 | 2.4 | 9mo ago | A security vulnerability has been detected in ZrLog up to 3.1.5. This vulnerability affects unknown code of the file /api/admin/template/config of the component Theme Configuration Form. Such manipul… | |||
| CVE-2025-9416 | low | 2.4 | 2.4 | 9mo ago | A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results i… | |||
| CVE-2025-9119 | low | 2.4 | 2.4 | 10mo ago | A vulnerability was determined in Netis WF2419 1.2.29433. This vulnerability affects unknown code of the file /index.htm of the component Wireless Settings Page. This manipulation of the argument SSI… | |||
| CVE-2025-9103 | low | 2.4 | 2.4 | 10mo ago | A vulnerability was detected in ZenCart 2.1.0. Affected by this vulnerability is an unknown functionality of the component CKEditor. The manipulation leads to cross site scripting. The attack can be … | |||
| CVE-2025-8834 | low | 2.4 | 2.4 | 10mo ago | A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation… | |||
| CVE-2025-7554 | low | 2.4 | 2.4 | 11mo ago | A vulnerability classified as problematic was found in Sapido RB-1802 1.0.32. This vulnerability affects unknown code of the file urlfilter.asp of the component URL Filtering Page. The manipulation o… | |||
| CVE-2025-62316 | low | 2.3 | 2.3 | 21d ago | HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based securi… | |||
| CVE-2025-6748 | low | 2.1 | 2.1 | 11mo ago | A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelapp/files/. The manipula… | |||
| CVE-2025-6666 | low | 2.0 | 2.0 | 6mo ago | A vulnerability was determined in motogadget mo.lock Ignition Lock up to 20251125. Affected by this vulnerability is an unknown functionality of the component NFC Handler. Executing manipulation can … | |||
| CVE-2025-21096 | low | 1.9 | 1.9 | 10mo ago | Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2025-9381 | low | 1.6 | 1.6 | 9mo ago | A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf. Performing manipulation results in information disc… | |||
| CVE-2025-7215 | low | 1.6 | 1.6 | 11mo ago | A vulnerability, which was classified as problematic, has been found in FNKvision FNK-GU2 up to 40.1.7. Affected by this issue is some unknown functionality of the file /rom/wpa_supplicant.conf. The … | |||
| CVE-2025-7214 | low | 1.6 | 1.6 | 11mo ago | A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The man… |